Open New Support Ticket 
How to Create SSH Keys with OpenSSH on MacOS or Linux
How to Create SSH Keys with OpenSSH on macOS or Linux
In the world of secure remote communication, SSH (Secure Shell) is one of the most commonly used protocols for connecting to remote servers. SSH provides a secure method of logging into remote machines and executing commands over a network. One of the most secure ways to authenticate using SSH is with SSH keys, which allow for passwordless authentication and add an extra layer of security. SSH keys come in pairs: a private key and a public key. In this article, we’ll walk through the steps to create SSH keys using OpenSSH on macOS or Linux.
What Are SSH Keys?
SSH keys are a pair of cryptographic keys used to authenticate a client (your computer) to an SSH server. The public key is placed on the server, and the private key is kept on the client machine. When you attempt to log in, the server checks the public key against the private key to verify your identity. Unlike passwords, SSH keys are not vulnerable to brute force attacks, making them a highly secure authentication method.
Why Use SSH Keys?
- Enhanced Security: SSH keys are harder to crack than traditional passwords, reducing the risk of unauthorized access.
- Passwordless Authentication: Once set up, SSH keys allow you to log into servers without entering a password every time.
- Automated Processes: SSH keys are ideal for automating scripts, backups, and file transfers that require secure remote access.
Prerequisites
To follow this guide, you’ll need:
- A macOS or Linux machine with OpenSSH installed (OpenSSH is included by default on both platforms).
- Access to a remote server where you’ll place the public key.
Step-by-Step Guide to Creating SSH Keys
Step 1: Open a Terminal
On both macOS and Linux, the Terminal app provides the interface for running command-line commands. Open the Terminal by:
- macOS: Search for “Terminal” in Spotlight (press Cmd + Space) or find it under Applications > Utilities.
- Linux: Press Ctrl + Alt + T, or look for Terminal in your application menu.
Step 2: Generate the SSH Key Pair
To generate a new SSH key pair, use the following command in the terminal:
Explanation of the options:
- -t rsa: Specifies the type of key to create. RSA is one of the most commonly used algorithms.
- -b 4096: Sets the key length to 4096 bits for stronger security.
- -C “your_email@example.com”: This adds a comment to the key, typically used to identify the key. Replace it with your email or a descriptive name.
Once you run this command, you’ll see output similar to:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/yourusername/.ssh/id_rsa):Step 3: Choose a File Location (Optional)
By default, the key will be saved in the .ssh directory in your home folder as id_rsa (private key) and id_rsa.pub (public key). Press Enter to confirm the default location, or you can specify a different path.
Example:
Step 4: Set a Passphrase (Optional but Recommended)
Next, you’ll be asked to set a passphrase for your key:
A passphrase provides an additional layer of security by requiring you to enter it each time you use your private key. You can leave this blank if you prefer not to use a passphrase (though it’s recommended for enhanced security).
If you do set a passphrase, make sure it’s something you can remember or store securely.
Step 5: Confirm the Creation of the Key Pair
After completing the steps, you will see output similar to:
